icbc aml risk-based approach (jan 2011) by bachir el nakib
DESCRIPTION
AML/CFT Risk-Based Approach ( Industrial and Commercial Bank of China - Jan 2011) by Bachir El NakibTRANSCRIPT
AML, KYC, Risk Based Approach, and Compliance
Bachir El Nakib, CAMS
Doha Branch , 21 March 2011
04/11/23 123/4/11 1@2011 - ICBC Doha Branch
What Is Money Laundering ?
– Money Laundering is the Process of Integrating the Proceeds of Crime into the Legitimate Stream of Financial Commerce by Masking its Origin• A process to make Illegitimate Funds
Appear Legitimate
What Is Money Laundering ?
– Concealing the existence or source of income from a crime
– Disguising income from a crime so that it appears legitimate
– Knowingly assisting a criminal in moving money or other property that constitutes the proceeds of criminal activity
Some Examples of Proceeds of Activities Which Constitute Money Laundering in Qatar &
UAE are:– Drug Trafficking– Foreign Official Corruption– Embezzlement– Securities, Wire and Mail Fraud – Bribery– Terrorist Financing– Trafficking in Human Cargo– Racketeering– Arson– Foreign Smuggling & Export Control Violations– Money Derived From Predicate Crimes
Money Laundering is separate from the charges of the underlying crime(s)
Money LaunderingMoney LaunderingStages & Techniques Stages & Techniques
23/4/11 5
Trade Based Money laundering
23/4/11 7
We all share the same goals:
23/4/11 8@2011 - ICBC Doha Branch
Objectives of presentation
• Why the need to risk assess?• How to risk assess?• Objectives – V – Risk• Input and Output• Translating operational requirements into a National
Strategy• This is not a passive training session!
23/4/11 9@2011 - ICBC Doha Branch
Financial Institutons
Insurance Companies
DNFBPs
Criminal justice system
Police
Customs
Security Services
Launderers & terrorists
Illegal Activity
Proceeds of crime
Financial Intelligence Unit
Regulators
Markets & Exchange Houses
23/4/11 10@2011 - ICBC Doha Branch
Objectives V Risks
• Before thinking of risks we need to determine what the operational objectives of our departments are?– What we were set up to do?– What do we do well?– What do we need to do better?– What do we need to stop doing?
• Once we establish objectives then we can think of risks
23/4/11 11@2011 - ICBC Doha Branch
The Outline of the Risk-Based Methodology
23/4/11 12@2011 - ICBC Doha Branch
Risk Categories
Category of Risk Description
Corporate / Commercial Risks arising out of entrepreneurial or commercial activities.
Economic / Financial / Market
Risks driven by economic activity either of a region, jurisdiction or given market.
Legal / Regulatory Risks arising from legal or regulatory requirements or evolving international standards.
Organisational / Management Human
Risks presented due to limitations of human or financial resourcing.
Political / Societal Risks arising from changing political or societal expectations.
Environmental / Acts of God Risks that can materialise without the ability to influence them.
Technical / Operational / Infrastructure
Risks caused or exacerbated by resourcing or technical limitations.
23/4/11 13@2011 - ICBC Doha Branch
Examples of Risk Identification
Objective: To travel from Al Rayyan to Doha for a meeting by bus for a meeting at a certain time.Risk Description Evaluation - Good Description?Failure to get from Al Rayyan to Doha on time for the meeting
NO, this is simply the converse of the objective
Being late and missing the meetingNO, This is a statement of impact of the risk, not the risk itself.
There is no food on the bus so I get hungry
NO, this does not impact on achievement of the objective.
Missing my lift to the bus stop causes me to miss the bus causing me to be late and miss the meeting
YES, This is a risk that can be controlled by making sure I allow plenty of time to get to the bus-stop.
Severe weather prevents the bus from running and me getting to the meeting
YES, although this is a risk which I cannot control, but against which I can make a contingency plan.
23/4/11 14@2011 - ICBC Doha Branch
Addressing Risk - The Risk Matrix
23/4/11 15@2011 - ICBC Doha Branch
Assessing Risk- Impact & Likelihood
• All risks need to be assessed for their impact and likelihood;– Impact
• Low – If risk materialised will not have a detrimental effect • Medium – Some damage will ensue• High – Major remediation will be required to correct
– Likelihood• Low – The risk may occur only in exceptional circumstances• Medium – Reasonable chance of occurring• High - Most likely to occur than not
23/4/11 16@2011 - ICBC Doha Branch
Risk Tolerance Matrix
23/4/11 17@2011 - ICBC Doha Branch
Risk Tolerance
TOLERATE The exposure may be tolerable without any further action being taken
TREAT The purpose of treatment is that whilst continuing within the
organisation with the activity giving rise to the risk, action (control) is taken constrain the risk to an acceptable level.
TRANSFER For some risks the best response may be to transfer them. This
option is particularly good for mitigating financial risks or risks to assets.
TERMINATE Some risks will only be treatable, or containable to acceptable levels,
by terminating the activity.
23/4/11 18@2011 - ICBC Doha Branch
We need to balance different demands
19
Review account opening opportunities across business lines
Account openings
Compliance will give you a timely response so you can respond to potential clients quickly
Identify account openings that need to be escalated
Optimise riskBuild brand
Effective use of resourcesMaximise opportunities
Profitability
23/4/11 19@2011 - ICBC Doha Branch
23/4/11 @2010 Compliance Alert 20
THE ONLY ISSUE?COMPLIANCE & REGULATORY RISK
The problem is KYC
KNOW YOUR- CUSTOMERS- CORRESPONDENTS- EMPLOYEES- SHAREHOLDERS
?23/4/11 20@2011 - ICBC Doha Branch
Know your customer: why is this needed? What does it mean?
• Risk based client classification
• How to carry out customer due diligence
• Beneficial owners of funds vs introducers
• Accounts and territories a Bank will not deal with
• Higher-risk clients - How the information will be verified and for whom, and
- The extent of identification information to be sought
- Politically Exposed Persons: what it means and why could they be
high risk?
- Entities with no transparent ownership structure – i.e. FZCs
23/4/11 21@2011 - ICBC Doha Branch
22
Components of a Risk Based Approach
Risk Indicators Mitigating Controls
Regulatory Environment
Customer/Business Type
Geography
Product/Service/Delivery Channels
Transaction Type
Governance Structure
Policies & Procedures
Training/Communications & Awareness
Independent Testing
Increased regulatory expectations
New regulations
AMLRisk Based Approach
23/4/11 22@2011 - ICBC Doha Branch
23/4/11 @2010 Compliance Alert 23
Compliance Process
4 Phases
Risk assessment
Risk identification
Risk Reporting
Risk Monitoring
232323/4/11 23@2011 - ICBC Doha Branch
23/4/11 24
Risk Based Approach to KYC
1. Accept or Reject business?
•Profitability
•Suitability
•Reputation Risk
•Sanctions •Suspect blacklists
Reject due to Business
Considerations
Reject due to Business
Considerations
Reject due to Sanctions
etc
Reject due to Sanctions
etc
Accept
2a. Borrowing Customers
Existing KYC Process
(BCA)
3. Risk Assessment
Manage a
s Le
vel 3
Ris
kM
anage a
s Le
vel 3
Ris
kM
anage a
s Le
vel 2
R
i sk
Manage a
s Le
vel 2
R
i sk
Manage a
s Le
vel 1
Ris
kM
anage a
s Le
vel 1
Ris
k
2b. Non-Borrowing Customers risk profiled using agreed and easy to implement filters.
3. Separate out Level 3 customers using agreed filters.
3. Impose Basic KYC only
3b. Impose Enhanced KYC
@2010 Compliance Alert23/4/11 24@2011 - ICBC Doha Branch
23/4/11 25
Risk Based Approach to KYCLevel 3
RiskLevel 3
RiskLevel 2
RiskLevel 2
RiskLevel 1
RiskLevel 1
Risk
Monitor Account Activity which requires account to be classified as Level (2) or (3)
Monitor Account Activity which requires account to be classified as Level (2) or (3)
Monitoring to identify account activity which requires account to be reclassified as Level (3)
Monitoring of transactions against customer profile on monthly basis.
Monitoring to identify account activity which requires account to be reclassified as Level (3)
Monitoring of transactions against customer profile on monthly basis.
Account Opening
Ongoing Account
Management
Monthly Review
-Monitoring of transactions against customer profile
-KYC Relationship review approved by Senior management
Monthly Review
-Monitoring of transactions against customer profile
-KYC Relationship review approved by Senior management
Enhanced KYC
-Basic KYC Plus
-Nature of business
-Origin of funds
-Purpose of account
-Type & level of activity
Enhanced KYC
-Basic KYC Plus
-Nature of business
-Origin of funds
-Purpose of account
-Type & level of activity
Basic KYC
-Evidence of Identity
-Evidence of address
- Sanctions Filtering
Basic KYC
-Evidence of Identity
-Evidence of address
- Sanctions Filtering
@2011 - ICBC Doha Branch
23/4/11 @2011 - ICBC Doha Branch 26
Why should I care about these Requirements?• Money Launderers and Terrorists seek out vulnerable banks
• The Regulator will fine the bank heavily
– Ignorance is no defense!
• FinCEN Listing Banks as Primary money laundering concern (LCB Case 10 Feb 2011)
• OFAC can and will seize customers funds
– Banco Delta Asia Ltd. Macau, Syria, Cuba, Iran, North Korea, Congo
• US, European and other banks won’t Correspond with you
– Strict Due Diligence
– Correspondent Bank Certifications
– Demand due diligence (KYCC)
• The cost of a Fine is insignificant, compared to the internal cost and loss of business.
– Restructuring, new procedures, new systems, training
– Loss of reputation
– Loss of shareholder value
23/4/11 @2011 - ICBC Doha Branch 27
Watch list Filtering• Scanning of customer records & transactions against
– Government sanction lists – OFAC, BOE, UNO etc– High risk individuals- terrorists, organized crime, fraudsters etc– Exposed individuals – PEPs, public figures, high profile– 3rd party database providers – World Compliance, Thomson, Bridger, World-Check,
Dow Jones-Factiva, Complinet, Lexis-Nexis, etc.,
• Key Issues– Character Variations– Phonetic Variations– Transliterations & cultural differences
• Using intelligent name matching algorithms with :– Normalization of names – capitals, abbreviations, spaces, punctuation– Reference libraries – common short names, cultural inputs– Reduction to simplified representation – phonetics, soundex– Indexing – decision tree– Similarity assessment – string equality, sub-sets, edit distance
23/4/11 @2011 - ICBC Doha Branch 28
The Situation
k
• High risk individuals, companies and organisations are targeting financial organisations and the countries within which they operate.
• Their very existence depends on their ability to enter your organisation or country undetected. What are the risks:
• Regulatory risk
• Reputational risk
• Business risk
• Shareholder risk
• Job risk
23/4/11 @2011 - ICBC Doha Branch 29
LOB Risk Assessment
Evaluate Assess
Evaluate inherent risks
Assess controls
Determine Develop
Monitor and enhance controls
Develop and implement
action plans
Determine residual risk/
establish thresholds
Maintain and retain records
Monitor Maintain
23/4/11 @2011 - ICBC Doha Branch 30
Risk-based Approach and the KYC Process
• Simplified Due Diligence?• Enhanced Due Diligence?
Risk-Scoring
23/4/11 @2011 - ICBC Doha Branch 31
– How do we perform risk assessment?– Do we have the right tools to do the job?– How does the risk assessment program define and
score the risks of products? Customers? And jurisdictions?
– How do we develop risk based matrices? With or without the help of outside vendors?
Risk-based Approach and the KYC Process
Know Your Customer
• ICBC is committed to know each of its customers to the extent appropriate for the customer’s risk profile
• ICBC Customer Due Diligence Measures
• Customer identification• Verifying the customers ID, reliable, independent source
documents, data and information• Establishing whether customer acting on behalf of another person• Measures if customer acting on behalf of another person• Measures if customer is a legal person or legal arrangement• Establishing beneficial ownership• Obtaining the source of customer’s wealth and funds• Obtaining information about the purpose and intended nature of
the business relationship
23/4/11 32@2011 - ICBC Doha Branch
23/4/11 @2011 - ICBC Doha Branch 33
Enhanced Risk Assessment MethodologyConduct detailed analysis of each category
1 2 53 4
Assess Risk
Purpose of Account
Activity in Account
Nature of the business
Location Products and Services used
23/4/11 @2011 - ICBC Doha Branch 34
Risk-based Approach and the KYC Process
Simplified or Enhanced Due Diligence?
Simplified CDD Level 1 - Tick-box / Red-Flag Check
Limited CDD Level 2 - Public Record Research
Standard CDD Level 3 - Public Record Research Limited Source Enquiries
Enhanced CDD Level 4 - In-depth Public Record Research & Enquiries
Specific issues
The Risk-based approach requires a levelled approach to CDD
23/4/11 @2011 - ICBC Doha Branch 35
Main AML Risk based Approach Factors
Customer Risk Country Risk
Sector Risk Product Risk
23/4/11 @2011 - ICBC Doha Branch 36
Risk Based Approach Elements
Customer Risk•Overall background and reputation•Business interests and practices-Mgt•Business associates and
networks/ Business Link•Political Affiliations (PEPs)•Beneficial ownership and control•Source of funds
Country Risk•Political stability•Legal status•Economic situation•Standing of the financial services
industry•Exposure to organised crime and
Money laundering•Corruption
Sector Risk•Weapons and Metal trading•Precious metals•Art•Real Estate•Exchange Dealership
Product Risk•Private Banking•Correspondent Banking •Structured Finance•Commodities
23/4/11 @2011 - ICBC Doha Branch 37
RBA Matrix
• An RBA Matrix is built to:– Assess Risks– Capture identified risks– Estimate their probability of occurrence and
impact– Rank the risks based on the above
information.
23/4/11 @2011 - ICBC Doha Branch 38
• These variables may increase or decrease the risk posed by a particular customer or transaction, for example:
– The level of regulation or governance regime to which a customer is subject. (A customer is located in a high regulated jurisdiction poses less risk than a customer located in a low risk jurisdiction)
– Type of the entity: publicly owned entities pose less risk than private entities
– The use of intermediate = Anonymity
23/4/11 @2011 - ICBC Doha Branch 39
Case Study – Results of Risk-Scoring
Customer Risk
•Overall background and
reputation•Business interests and practices•Business associates and
networks•Political Affiliations (PEPs)•Beneficial ownership and control•Source of funds
Country Risk
•Known of weak AML rules •Known of terrorist financing,
Smuggling & other money
laundering activities
Sector Risk
•Real Estate
Product Risk
•Structured Finance•Complex transaction
23/4/11 @2011 - ICBC Doha Branch 40
Case Study – Results of Risk-Scoring
Enhanced CDD – Level 4
Simplified CDD Level 1 - Tick-box / Red-Flag Check
Limited CDD Level 2 - Public Record Research
Standard CDD Level 3 - Public Record Research Limited Source Enquiries
Enhanced CDD Level 4 - In-depth Public Record Research & Enquiries
Specific issues
The Risk-based approach requires a levelled approach to CDD
23/4/11 @2010 Compliance Alert 41
ActionsImpact
Analysis
Risk Response (controls)
Quality of Risk
Customer Risk
Geographic Risk
Product and Service Risk
Quantity of Risk
Response Effectiveness
Analysis
Identify Risk Categories
Assess Quantity of Risk Assess Quality of Risk Action Plans
Enhanced Risk Assessment Methodology
Identify specific risks categories
23/4/11 41@2011 - ICBC Doha Branch
42
Customer Risk Matrix
Products/Services Used
Customer Type Deposit Account
UnsecuredLoan/CreditCards
Wire Transfer PrivateBanking
Trust Services
PEP Moderate Moderate High Highest Highest
High Net Worth Moderate Moderate High Highest Highest
High Risk Nationality Moderate Moderate High High High
High Risk Industry Moderate Moderate Moderate Moderate Moderate
Cash Intensive Business
Normal Moderate High Moderate Moderate
Salaried Employee Normal Normal Normal Normal Normal
Independent Consultant/Individual Entrepreneur
Moderate Normal Normal Normal Normal
Unemployed Moderate Moderate Moderate Moderate Moderate
Charity Moderate High High High High23/4/11 @2011 - ICBC Doha Branch
43
Account Opening Policies
Customer Risk Rating Applicable Policies
Normal Presentation of valid original identity documentsEstablish purpose of accountEstablish source of fundsRetain copiesCheck against UN and other watch lists
Moderate Above plus …Send registered letter to customer at provided address. Retain signed return receipt.
High Above plus …Independent verification of account opening documentsVerification of source of fundsInterview with bank officerVisit by bank officer to customer home/businessApproval from branch managerUpdating of account information/documents every twelve months
Highest Above plus …Updating of account documents every six monthsApproval from CEO23/4/11 @2011 - ICBC Doha Branch
44
Transaction Type Risk MatrixCustomer Risk Rating
Offshore Wire Transfer
Wire Transfer to High Risk Jurisdiction
Cash deposit under threshold/structuring transactions
Large Cash Deposit
Forex Early Loan Repayment
Normal Standard Standard Standard Enhanced Standard Standard
Moderate Enhanced Enhanced Enhanced Enhanced Enhanced Enhanced
High Severe Severe Enhanced Enhanced Enhanced Enhanced
Highest Severe Severe Severe Enhanced Enhanced Enhanced
23/4/11 @2011 - ICBC Doha Branch
45
Transaction Execution/Monitoring Policy
Transaction Risk Rating Applicable Policies
StandardTeller/staff monitoringAutomated system monitoring
EnhancedCustomer explanation for transactionCompliance Officer Approval for execution
SevereCEO Approval for execution
23/4/11 @2011 - ICBC Doha Branch
23/4/11 46@2011 - ICBC Doha Branch
© January 2003, kd labs ag, analytical CRM and data mining
Data analysis
1 2
patterns
3
Se
lf-h
isto
ry
Pe
er
gro
up
s
Lin
k A
na
lysi
s
rules
exp
ert
s,re
gu
latio
ns
names
Bla
cklis
ts,
PE
P‘s
, e
tc.
Overview
Bank'stransactions& customers
data
!Alertdelivery
Admin Client
User Interfaces
WorkflowClient
datarepository
externaldata
23/4/11 47@2011 - ICBC Doha Branch
23/4/11 @2010 Compliance Alert 48
Risk: Customer/Business TypeIdentifying PEPs
How do you determine whether an account holder is a PEP?
• Seek information directly from the individual
• Review sources of income including past and present employment history and references form professional associates
• Review public sources of information (i.e. databases, newspapers, etc.)
• CIAs online directory of “Chiefs of State and Cabinet Members of Foreign Governments” http://www.odci.gov/cia/publications/chiefs/index.html
• Transparency International Corruption Perceptions Index
• Private vendors (i.e. world Compliance/ Regulatory DataCorp (RDC), Factiva, and WorldCompliance)
23/4/11 48@2011 - ICBC Doha Branch
23/4/11 @2010 Compliance Alert 49
Risk: Customer/Business TypeIdentifying PEPs (Cont.)
FATF Recommendations for PEPs:
Determine whether a customer is a PEP
Obtain senior management approval for establishing relationship
Establish source of wealth of funds
Conduct ongoing monitoring of relationship
23/4/11 49@2011 - ICBC Doha Branch
Assessing AML Risk by Jurisdiction
CorruptionSanctions
Black list status e.g tax haven
International Cooperation e.g OECD, UN Non-Cooperation status
RISK
23/4/11 50@2011 - ICBC Doha Branch
23/4/11 @2011 - ICBC Doha Branch 51
Case Study: The United Nations
A FAMILY-RUN BUSINESS
23/4/11 @2011 - ICBC Doha Branch 52
• Son of Kofi Annan (Secretary General-UN) from first marriage
Kofi Annan
Kojo Annan
Case Study: The United Nations
• Worked for SGS/Cotecna (given UN deal to enforce sanctions in Iraqi ports)
• Moved on to start own company, Sutton Investments
Leo Mugabe
• Sutton part of consortium with Air Harbour Technologies & Leo Mugabe (nephew of Robert Mugabe, Pres of Zimbabwe)
Hani Yamani
• Air Harbour owned by Hani Yamani (son of Sheikh Yamani, Saudi Oil Min.)• Consortium won bid valued in $100s of millions to build Zimbabwe airport
Kojo Amoo
• Kojo Amoo-Gottfried, Ghana Ambassador to UN (nephew of Kofi)
Test your AML KnowledgeTest your AML Knowledge
23/4/11 53@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Which of the following is the most common method of laundering money through a legal money services business?
A. Purchasing structured money instrumentsB. Smuggling bulk-cashC. Transferring funds through Payable Through accounts (PTAs)D. Exchanging Colombian pesos on the black market
Correct Answer is: ACorrect Answer is: A
23/4/11 54@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: In general, the three phases of money laundering are said to be: Placement
A. Structuring and manipulationB. Layering and integrationC. Layering and smurfingD. Integration and infiltration
Correct Answer is: BCorrect Answer is: B
23/4/11 55@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Which of the following is an indication of possible money laundering in an insurance industry scenario?
A. Insurance products sold through intermediaries, agents or brokersB. Single-premium insurance bonds, redeemed at a discountC. Policyholders who are unconcerned about penalties for early cancellationD. Policyholders who make full use of the “free look” period
Correct Answer is: CCorrect Answer is: C
23/4/11 56@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Upon receipt of a legal document where the financial institution is asked by a government authority to produce account information and records, what is the recommended first step for the institution?
A. Review the legal document and answer the authorities within 72 hours.B. Research all the account information within the institution on the account holder.C. File a suspicious activity report, if possible.D. Contact the institution’s Compliance Officer or legal counsel.
Correct Answer is: DCorrect Answer is: D
23/4/11 57@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Money Laundering refers to
A. Transfer of assets/cash from one account to anotherB. Conversion of illegal money through banking channelsC. Conversion of cash into gold for hoardingD. Conversion of assets into cash to avoid income tax
Correct Answer is: BCorrect Answer is: B
23/4/11 58@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Minimum retention period of the records according to Jammal Trust Bank that can be produced to the relevant Regulatory Authority in case of suspicious transactions is
A. 5yearsB. 7 yearsC.10 yearsD.15 years
Correct Answer is: ACorrect Answer is: A
23/4/11 59@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: The following can be called as suspicious transactions
A. Customer insisting on anonymity.B. Work address difference from place of residency.C. Unusual terminating of account and refunds of interestD. All of the above
Correct Answer is: DCorrect Answer is: D
23/4/11 60@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Which of the following documents can be accepted as proof of customer identification.
A. Electricity billB. Salary slipC. Gym MembershipD. Government Issued Photo ID
Correct Answer is: DCorrect Answer is: D
23/4/11 61@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: Salaried employees, Government departments are classified as
A. High RiskB. Low RiskC. Medium RiskD. No Risk
Correct Answer is: BCorrect Answer is: B
23/4/11 62@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: PEPs (Politically Exposed Persons) & High Net Worth individuals could be classified as
A. High RiskB. Low RiskC. Medium RiskD. No Risk
Correct Answer is: ACorrect Answer is: A
23/4/11 63@2011 - ICBC Doha Branch
Knowledge TestKnowledge Test
Q: What are the money laundering risks to organizations?
A. Reputation RiskB. Compliance RiskC. Operational RiskD. Legal Risk
Correct Answer is: ACorrect Answer is: A
23/4/11 64@2011 - ICBC Doha Branch
23/4/11 @2011 - ICBC Doha Branch 65
OFAC: Office of Foreign Assets & Control lists: Specially Designated Nationals Weapons of Mass Destruction Blocked Countries
BIS: Bureau of Industry & Security - Issued by the United States
BOE: Bank of England
CSSF: Commission de Surveillance du Secteur Financier-Luxembourg
SECO: Secretariat d’Etat a l’economie – Switzerland
UN: United Nations: Al-Qaida & Taliban; Iraq; Liberia
MAS: Monetary Authority of Singapore
EU: EU Regulations
FATF: Financial Action Task Force
Other: Vendor (i.e. SIDE-OFAC/World Check Lists) and internal Lists
Risk: Customer/Business TypeExamples of Black Lists
23/4/11 @2010 Compliance Alert 66
Risk-Based Customer
Due Diligence
Investigations & Reporting
Customer Transactions
Single Customer View Data
Independent Audit
Training/Self Testing
Wri
tten
Pro
ced
ure
s
AML Risk Assessment Risk Profile
Pro
ject P
lann
ing
/Exe
cutio
nP
oli
cies
Corporate Governance
Pro
gram
Man
agem
en
tBest Practices Framework
23/4/11 66@2011 - ICBC Doha Branch
23/4/11 @2011 - ICBC Doha Branch 67
Summary
– Risk-scoring defines the level of CDD required
– Beneficial Ownership and PEPs are key
– Advantages:
• Institutions can mitigate their own risk exposure through the risk-based approach and risk exposure
• Risk-Scoring also enables institutions to develop benchmarks and risk rating parameters
Primary objective is profit maximisation but we place high importance on client care & other aspects of compliance.
There are multiple assurances of this in the firm…….
23/4/11 68@2011 - ICBC Doha Branch
69
23/4/11 @2011 - ICBC Doha Branch 70
THANK YOU